
RE: [dhcwg] [New I-D] DHCP User-based Authentication



Hello, Eliot!

Please see inline.

Thanks!

B.R.
Amy 

 
> -----Original Message-----
> From: Eliot Lear [mailto:lear at cisco.com] 
> Sent: Thursday, October 12, 2006 4:22 PM
> To: Amy Zhao
> Cc: dhcwg at ietf.org
> Subject: Re: [dhcwg] [New I-D] DHCP User-based Authentication
> 
> Amy Zhao wrote:
> >> I have the following three questions:
> >>
> >>    1. Why is DHCP the correct protocol to do user-based 
> >> authentication?
> >>     
> >
> > If we want to use DHCP for configuring clients accessing the Internet
> > through some form of high-speed access technology such as cable or
> > ADSL, we need a coupling between AAA and DHCP.
> >   
> 
> What resource is DHCP protecting, and is it effective at 
> protecting that resource?
> 

The resource that DHCP is protecting is the user password.
I will not tell you this mechanism is very effective in all situations; I
cannot make such a conclusion.
After all, the security of this mechanism is not very strong,
but that does not mean that we need the strongest security mechanism in all
situations; enough is OK.
If you and other folks can give me some advice/comments to make this
mechanism stronger,
I would be very appreciative. :-)

> >   
> >>    2. How would this work interact with RFC 3118 (as mentioned by Andre
> >>       Kostur)?
> >>     
> >
> > You and Andre both mention this issue. To tell the truth, I really
> > missed it. But until now, I think the two options are separate. Maybe
> > I missed some issues.
> 
> Fundamentally the issue is this: what is to prevent a rogue 
> DHCP server from snarfing a client password?  More precisely: 
> how does the client properly recognize an authorized DHCP 
> server versus a rogue server.  I think that leads us to 3 below.
> 
Thanks for pointing out this problem.

If I understand you correctly, you mean that if we use the DHCP
authentication option and user-based authentication simultaneously, the
password information will be delivered to the DHCP server before the client
and the server have authenticated each other?

Now, we are considering this problem, but it seems to me there is no good
idea. Any comments?

In the digest mechanism, what the server knows about a client password is
the digest of this password, not the plain-text password. I think it will be
useful against a snarfing attack.


> >  
> >
> >   
> >>    3. At this late date it seems wise to at least address the issue of
> >>       the authentication server proving itself to the connecting
> >>       device.  This seems to me to change the nature of risk with regard
> >>       to who is giving up information.  What in your proposal is to
> >>       prevent a rogue DHCP server from snarfing passwords?
> >>
> >>     
> > Sorry, I could not catch your meaning. Do you mean to add some
> > context in the draft?
> >   
> 
> See above.  How do I know that I am handing my password to A Good Guy?
> 
> Eliot
> 
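As an added illustration (not the draft's mechanism, nor code from anyone in this thread), here is a constructed Python sketch of the shape the discussion points toward: the client sends a keyed digest over both parties' nonces rather than the password, and it sends even that only after the server has produced its own proof of holding the user's verifier, so a rogue server without the verifier gets nothing password-derived. The function names, the PBKDF2 verifier, the message labels and the DISCOVER/OFFER/REQUEST framing are all assumptions.

```python
import hashlib
import hmac
import os

# Constructed example (not the draft's mechanism): a digest-based, mutual
# user-authentication exchange sketched on the DHCP DISCOVER/OFFER/REQUEST
# pattern. The client discloses nothing password-derived until the server
# has proven it holds the user's verifier. All names are hypothetical.

ITERATIONS = 100_000  # PBKDF2 work factor; assumption, tune for deployment

def verifier(username: str, password: str) -> bytes:
    """Per-user key the server stores instead of the plain-text password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), username.encode(), ITERATIONS)

def _proof(key: bytes, label: bytes, client_nonce: bytes, server_nonce: bytes) -> bytes:
    """Keyed digest over a role label and both nonces; nonces defeat replay."""
    return hmac.new(key, label + client_nonce + server_nonce, "sha256").digest()

def server_offer(db: dict, username: str, client_nonce: bytes):
    """OFFER: server nonce plus the server's proof. Without the verifier (rogue
    server, unknown user) only an empty, non-verifying proof can be sent."""
    server_nonce = os.urandom(16)
    key = db.get(username)
    proof = _proof(key, b"server", client_nonce, server_nonce) if key else b""
    return server_nonce, proof

def client_request(username, password, client_nonce, server_nonce, server_proof):
    """REQUEST: the client digest, produced only if the server proof checks out.
    Returns None when the client refuses to continue with an unproven server."""
    key = verifier(username, password)
    expected = _proof(key, b"server", client_nonce, server_nonce)
    if not hmac.compare_digest(expected, server_proof):
        return None
    return _proof(key, b"client", client_nonce, server_nonce)

def server_verify(db, username, client_nonce, server_nonce, client_digest) -> bool:
    """ACK decision: recompute the client digest from the stored verifier."""
    key = db.get(username)
    if key is None or client_digest is None:
        return False
    return hmac.compare_digest(_proof(key, b"client", client_nonce, server_nonce), client_digest)

def run_exchange(db, username, password):
    """One full exchange; returns (client_trusted_server, server_authenticated_client)."""
    client_nonce = os.urandom(16)  # carried in DISCOVER alongside the username
    server_nonce, proof = server_offer(db, username, client_nonce)
    digest = client_request(username, password, client_nonce, server_nonce, proof)
    return digest is not None, server_verify(db, username, client_nonce, server_nonce, digest)
```

Any keyed digest over public nonces can still be tested offline against password guesses by whoever observes it, so the verifier derivation and password strength remain part of the risk picture even with mutual proof.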



_______________________________________________
dhcwg mailing list
dhcwg at ietf.org
https://www1.ietf.org/mailman/listinfo/dhcwg